security

PingCastle - Get Active Directory Security at 80% in 20% of the time

awesome game security [Welcome to PR]

A lightweight LDAP server for development, home use, or CI

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1...

Pentest Report Generator

Let's make an annoyance free, better open internet, altogether!

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function

Patch-level verification for Bundler

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Software sandbox for storage of sensitive information in memory.

详细的C/C++编程规范指南，由360质量工程部编著，适用于桌面、服务端及嵌入式软件系统。

Kubernetes Security - Best Practice Guide

NGINX tuning for best performance

Security automation content in SCAP, Bash, Ansible, and other formats

X-SpringBoot是一个轻量级的Java快速开发平台，基于springboot3和jdk21，使用虚拟线程，可配置的SaaS功能具备RBAC功能、自动代码生成、多种存储系统，多种短信平...

Zero-Trust access management with true WireGuard® 2FA/MFA

Java web common vulnerabilities and security code which is base on springboot and spring security

Vulnerability Intelligence Platform

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

Automated Security Testing For REST API's

Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results

AuthPass - Password Manager based on Flutter for all platforms. Keepass 2.x (KDBX 3 and KDBX 4) compatible.

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It i...

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Zero shot vulnerability discovery using LLMs

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code w...

HardeningKitty and Windows Hardening Settings

You don't have the time to watch all the WWDC session videos yourself? No problem me and many contributors extracted the gist for you 🥳

Open source vulnerability DB and triage service.

Keystone assembler framework: Core (Arm, Arm64, Hexagon, Mips, PowerPC, Sparc, SystemZ & X86) + bindings

Captcha for Laravel 5+

FISCO BCOS（发音为/ˈfɪskl bi:ˈkɒz/）是一个稳定、高效、安全的许可区块链平台，已被广泛应用于现实的行业应用。截至目前，已拥有5000多家企事业单位，400多个...

An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network

nodejsscan is a static security code scanner for Node.js applications.

A fork of AFL for fuzzing Windows binaries

Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

JWT brute force cracker written in C

Phishing Campaign Toolkit

Automation to assess the state of your M365 tenant against CISA's baselines

红队作战中比较常遇到的一些重点系统漏洞整理。

Security engine for Java (authentication, authorization, multi frameworks): OpenID Connect, SAML2, CAS, OAuth, LDAP, JWT...

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Copy/paste anything over the network.

A very small, very simple, yet very secure encryption tool.

Provides a tight integration of the Security component into the Symfony full-stack framework

A tool to dump a git repository from a website